These legit looking iPhone cables allow hackers to take charge of your computer

When they said you should be wary of third-party accessories and unbranded cables for charging your smartphone, they were serious. And the latest example of what a cable that isn’t original can do, should be enough to scare you. There is apparently a Lightning Cable that looks just as harmless as an iPhone cable should. But it has a nasty trick up its sleeve, which allows a hacker to take control of your computer, the moment you plug this in to the USB port. This cable has been dubbed the OMGCable.

A security researcher with the Twitter handle @_MG_ took a typical USB to Lightning cable and added a Wi-Fi implant to it. The moment this gets plugged into the USB port on a PC, a hacker sitting nearby with access to the Wi-Fi module hidden inside the cable can run a malicious code and take charge of a PC or remotely access data without the user even noticing.

“This specific Lightning cable allows for cross-platform attack payloads, and the implant I have created is easily adapted to other USB cable types. Apple just happens to be the most difficult to implant, so it was a good proof of capabilities,” said MG, as reported by the TechCrunch website.

The thing with phone charging cables is that no one really gives them a second look. You see one, you plug it in and you let it be. At the same time, a lot of users are wary about using USB drives, also known as pen drives or thumb drives, because they are popular as carriers of malware and viruses that can pretty much ruin your PC.

Hack an iPhone, win $ 1 million


Apple has massively increased the amount it’s offering hackers for finding vulnerabilities in iPhones and Macs, up to $1 million. It’s by far the highest bug bounty on offer from any major tech company.

That’s up from $200,000, and in the fall the program will be open to all researchers. Previously only those on the company’s invite-only bug bounty program were eligible to receive rewards.

As Forbes reported on Monday, Apple is also launching a Mac bug bounty, which was confirmed Thursday, but it's also extending it to watchOS and its Apple TV operating system. The announcements came in Las Vegas at the Black Hat conference, where Apple’s head of security engineering Ivan Krstić gave a talk on iOS and macOS security.

Forbes also revealed on Monday that Apple was to give bug bounty participants “developer devices”—iPhones that let hackers dive further into iOS. They can, for instance, pause the processor to look at what’s happening with data in memory. Krstić confirmed the iOS Security Research Device program would be by application only. It will arrive next year.

$1 million for an iPhone hack

The full $1 million will go to researchers who can find a hack of the kernel—the core of iOS—with zero clicks required by the iPhone owner. Another $500,000 will be given to those who can find a “network attack requiring no user interaction.” There’s also a 50% bonus for hackers who can find weaknesses in software before it's released.

Apple is increasing those rewards in the face of an increasingly profitable private market where hackers sell the same information to governments for vast sums.

As Maor Shwartz told Forbes, the cost of a single exploit (a program that uses vulnerabilities typically to take control of a computer or phone) can fetch as much as $1.5 millon. An exploit targeting WhatsApp where no clicks are required from the user, for instance, can be sold to a government agency for that much, though such tools are rare. Only one or two a year will be sold, from a pool of around 400 researchers who focus on such high-end hacking. “It’s really hard to research them and produce a working exploit,” he said.

Hackers use stolen Apple prototypes to break into iPhone


Apple's production lines are so massive that it's easy to imagine iPhones being smuggled out of there.

We all know the story of the prototype iPhone 4 that was left at a bar, spoiling what could have been one of the biggest surprises in Apple history. But have you heard the one about the stolen prototype iPhones that are still winding up in unintended hands — in this case, hackers bent on finding ways to break into Apple’s operating system?

As per a report, some of the most prominent iOS hackers have made use of prototype iPhones to break into iOS.

Just like every smartphone maker, Apple also develops a prototype or 'dev-fused' iPhone for testing different technologies, modems, chips.

If you are an iPhone user, chances are that you know about Cydia, the jailbroken app store for iPhone and iPads. While Jailbreaking is a type of hack that is mostly used to sideload paid apps for free, there are other types of hacks as well. Hacks that are either much more problematic or useful, depending on which side of the hack one is in. Apple phones come with a Secure Enclave Processor (SEP) that encrypts sensitive data on the phone and is set-up as a separate entity. Motherboard investigated how some of the best hackers were able to get study the chip and the answer is said to be a “dev-fused” iPhone, which is an iPhone that was lifted before finishing the production process.

As per the report, these dev-fused iPhones are pre-jailbroken devices in which many security features are disabled. This is so that researchers can test them easily but these devices were never intended to get out of Apple’s reach.

The Motherboard report says there’s now a gray market for “dev-fused” iPhones and each product sells for thousands of dollars. Why? Because they help hackers, security researchers crack iPhones and find critical vulnerabilities in them.

Gaining root access to these pre-production iPhones is said to be much easier than doing the same on a commercially available iPhone.

Apple refutes claim of iPhone passcode hack


Apple has dismissed claims made by security researcher Matt Hickey who said he had found a way to bypass iPhone security protections to enter passcodes as many times as needed.

Hickey, co-founder of cyber security firm Hacker House, had tweeted a video on Friday showing how this can be done by sending a stream of all possible combinations to the device, which will trigger an interrupt request.


He explained that if all combinations are sent in one go using keyboard inputs while the device is plugged in instead of with pauses in between tries, it will trigger an interrupt request that takes precedence over everything else on the device.

However, Apple has since come out and refuted the claim and a spokesperson on Saturday said, "The recent report about a passcode bypass on iPhone was in error, and a result of incorrect testing." 

Retracting his previous position, Hickey tweeted on Sunday that devices are still protected from brute-force attacks as not all passcodes that are being tested are sent.


This was in reference to a previous tweet by Stefan Esser, CEO of security firm Antid0te UG, where he explained that the command to erase iPhone data after 10 tries wasn’t triggered because the various combinations were all “ignored” and counted as a single try.


“The device doesn’t actually try those passcodes until you pause,” Stefan tweeted.

Aside from its initial statement, Apple has not provided any further explanations. The company is planning on including a feature called USB Restricted Mode in its upcoming iOS 12 update that will protect iPhones and iPads from USB-related exploits.


The Six-Digit iPhone Passcode now isn’t Secure; Users Recommended to Choose a Longer Alpha-Numeric Code




There is no doubt that Apple has consistently and relentlessly resorted to various ways in order to make its products more secure in the course of recent years, however the devices haven't been at any point of time, impervious . As recently Apple has expanded the iOS security after some time, the hackers and security researchers, thusly, have also stepped up and the final product is apparently an endless game wherein Apple tries to shore up security openings faster than the said programmers can misuse them.

Also, the way things are presently, it shows up as though Apple has a lot of catching up to do. For instance, Recently Cellebrite uncovered that it would now be able to access any locked iPhone running redundancy of iOS back-pedaling to iOS 5. All the more as of late, expression of another iPhone hacking machine named GrayKey started making waves on the web. GrayKey is a relatively simple device that can hack into most iPhones, the reports say.

And as anyone might expect, the device, which has a base cost of $15,000, has ended up being exceedingly favored among the law enforcement agencies.

Presently in case you're determined on keeping the contents of your iPhone protected from prying eyes, your most solid option is to utilize a password that is preferred to be longer than six digits. Furthermore, for additional security, you'd be encouraged to think of an alphanumeric password too.

The reason why is because  as indicated by Cryptographer Matthew Green of Johns Hopkins , here's to what extent it apparently takes GrayKey to crack iOS passwords of changing lengths. As confirmed in the tweet below, a 6-digit password can be cracked in around 11 hours on an average.






While longer passwords surely give an additional layer of security, but the reality is that most users will never pick a 10-digit password. And at one point, there should be a balance maintained amongst convenience and security. So, in case you're not in a situation to forfeit security for any reason, at that point you should simply try to think of a long alpha-numeric password.

While the default iOS password now remains at 6 digits, it used to be 4 a couple of years back, there is a possibility for the users to opt for a more extended alpha-numeric code. And so, to get to this alternative, go to Settings > Touch ID and Password. From that point, you would see a "Password Options" tag that should give you a chance to pick a custom alphanumeric code for your iPhone.

Israeli company says it can break into any iPhone — and can help law do the same

In a major win for US law enforcement, Israeli cyber forensics firm, Cellebrite, which is a major government contractor, claims to have found a way to break into any iPhone in the market. The company says that it can get around the security of devices running from iOS 5 to iOS 11.

The company is allegedly actively advertising to law enforcement and private forensics from across the globe.

This reportedly includes the iPhone X, which Forbes reported had been successfully breached by the Department of Homeland Security in November 2017 with suspected involvement of Cellebrite technology.

The reporter was able to dig up a warrant for the same, which notes that the department’s Cellebrite specialist performed a “forensic extraction” in December, although the exact method of unlocking the iPhone is not mentioned.

Apple has repeatedly refused to help law enforcement agencies break into iPhones, stating the need its customers’ privacy. This decision has often led to clashes between the two.

In the past, there have been various cases when law enforcement called upon Apple to provide a way to unlock the iPhones to access necessary information, even going so far as to obtain a court order to help disable to PIN feature. However, Apple has always refused.

If Cellebrite has indeed found a way to hack into iPhones, it could lead to a major change in their interactions.

Hackers lock iPhones remotely and demanding $100 to unlock it


In recent hours, a number of users from Australia had a nightmare as cyber criminals locked their devices and demanding payment of a ransom.

The locked devices show the following message "Device Hacked by Oleg Pliss" and instructs victims to send $100 dollars to lock404@hotmail.com to unlock their devices.

The cyber attack came to light, after one user from Melbourne shared his experience in Apple support forum and asked help to fix the problem.  Following his post, several users have reported of being affected by this attack.

It appears hackers used stolen Apple IDs and passwords to access iCloud account that allowed them to lock victim's devices and display a message.

What you should do? Don't pay the Ransom !
Affected users are advised to contact Apple directly to regain access to their account.  

Once you have access to your account, change the password immediately and enable two step authentication feature for your account.

iOS 7 Beta Hack allows anyone to Bypass iPhone Lockscreen


Every time Apple attempts to improve the security in the new version of iOS, it ends up with a new security bug.

Here comes another iPhone hack to bypass the iOS Lock Screen.  A Spanish iPhone users sent a video to Forbes showing how to hack the iOS 7 Beta version to bypass the iPhone Lockscreen.

The security bug can be easily reproduced by going to iOS control Room,  accessing the Phone's calculator and then accessing the phone's camera.  It is said that the bug allows to deleting, sharing the photos.

The bug has been confirmed by the Forbes. iOS 7 is still in the beta version so it's only available to those with developer accounts.

Earlier this year, we became aware that Vulnerability-Lab discovered iOS Lockscreen vulnerability that allowed anyone to access the data stored on the device.

Researchers can hack iPhone within one minute using malicious Charger


You should think twice or even thrice or even more before using someone else's charger next time your iPhone running out of battery.

Three security researchers , Billy Lau, Yeongjin Jang and Chengyu Song from the Georgia Institute of Technology found a way to hack your iPhone with a malicious charger.

The team will demonstrate the proof-of-concept of the hack at upcoming BlackHat hacker conference in late July.

Researchers claim they can compromise any iOS device within one minute of being plugged to the malicious charger.

The hack attack apparently does not require any user interaction and it works against even devices that are not jailbroken.

Reference:
http://www.blackhat.com/us-13/briefings.html#Lau

iPhone spyware can be used to capture Desktop computer Key strokes

iPhone can be used to capture the Desktop computer keystrokes.  Sounds interesting?A team of researchers at Georgia Tech demonstrated how to use the accelerometers of a smartphone to capture the Keystrokes of Desktop Computers by placing nearby.

Patrick Traynor, an assistant professor in Georgia Tech's School of Computer Science, admits that the technique is difficult to accomplish reliably but claims that the accelerometers built into modern smartphones can sense keyboard vibrations and decipher complete sentences with up to 80% accuracy.

"We first tried our experiments with an iPhone 3GS, and the results were difficult to read," said Traynor. "But then we tried an iPhone 4, which has an added gyroscope to clean up the accelerometer noise, and the results were much better. We believe that most smartphones made in the past two years are sophisticated enough to launch this attack."

Researcher posted what displayed in iPhone:

Presently the spyware cannot determine the pressing of individual keys through the iPhone's accelerometer, but "pairs of keystrokes" instead. The software determines whether the keys are on the right or left hand side of a standard QWERTY keyboard, and then whether the pair of keys are close together or far apart.

With the characteristics of each pair of keystrokes collected, it compares the results against a dictionary - where each word has been assigned similar measurements.

For example, take the word "canoe," which when typed breaks down into four keystroke pairs: "C-A, A-N, N-O and O-E." Those pairs then translate into the detection system’s code as follows: Left-Left-Near, Left-Right-Far, Right-Right-Far and Right-Left-Far, or LLN-LRF-RRF-RLF. This code is then compared to the preloaded dictionary and yields "canoe" as the statistically probable typed word.

For understandable reasons, the technique is said to only work reliably on words which have three or more letters.

Text recovery

Henry Carter, one of the study's co-authors, explained the attack scenario that they envisaged could be used:

"The way we see this attack working is that you, the phone’s owner, would request or be asked to download an innocuous-looking application, which doesn’t ask you for the use of any suspicious phone sensors."

"Then the keyboard-detection malware is turned on, and the next time you place your phone next to the keyboard and start typing, it starts listening."